Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1265

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2014-1265
Last Modified 27 Feb 2014 04:39:23
Published 26 Feb 2014 08:55:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2014-1265

Summary

The systemsetup program in the Date and Time subsystem in Apple OS X before 10.9.2 allows local users to bypass intended access restrictions by changing the current time on the system clock.

Vulnerable Systems

Operating System

  • Apple Mac Os X 10.7.0

  • Apple Mac Os X 10.7.1

  • Apple Mac Os X 10.7.2

  • Apple Mac Os X 10.7.3

  • Apple Mac Os X 10.7.4

  • Apple Mac Os X 10.7.5

  • Apple Mac Os X 10.8.0

  • Apple Mac Os X 10.8.1

  • Apple Mac Os X 10.8.2

  • Apple Mac Os X 10.8.3

  • Apple Mac Os X 10.8.4

  • Apple Mac Os X 10.8.5

  • Apple Mac Os X 10.9

  • Apple Mac Os X 10.9.1

  • Apple Mac Os X Server 10.7.0

  • Apple Mac Os X Server 10.7.1

  • Apple Mac Os X Server 10.7.2

  • Apple Mac Os X Server 10.7.3

  • Apple Mac Os X Server 10.7.4

  • Apple Mac Os X Server 10.7.5


References

CONFIRM - http://support.apple.com/kb/HT6150

Related Patches

Apple 2014-02-25 Mac OS X 10.9.2 Combo Update

Apple 2014-02-25 Mac OS X 10.9.2 Update

Apple 2014-02-25 Security Update 2014-001 (Mountain Lion) (Rev 2)

Apple 2014-02-25 Security Update 2014-001 Server (Lion) (Rev 2)

Apple 2014-02-25 Security Update 2014-001 (Lion) (Rev 2)


Last Updated: 27 May 2016 10:56:45